package org.springframework.security.openid;

import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.openid4java.association.AssociationException;
import org.openid4java.consumer.ConsumerException;
import org.openid4java.consumer.ConsumerManager;
import org.openid4java.consumer.VerificationResult;
import org.openid4java.discovery.DiscoveryException;
import org.openid4java.discovery.DiscoveryInformation;
import org.openid4java.discovery.Identifier;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.Message;
import org.openid4java.message.MessageException;
import org.openid4java.message.ParameterList;
import org.openid4java.message.ax.FetchRequest;
import org.openid4java.message.ax.FetchResponse;

/* loaded from: input_file:org/springframework/security/openid/OpenID4JavaConsumer.class */
public class OpenID4JavaConsumer implements OpenIDConsumer {
    private static final String DISCOVERY_INFO_KEY = DiscoveryInformation.class.getName();
    protected final Log logger;
    private final ConsumerManager consumerManager;
    private List<OpenIDAttribute> attributesToFetch;

    public OpenID4JavaConsumer() throws ConsumerException {
        this.logger = LogFactory.getLog(getClass());
        this.attributesToFetch = Collections.emptyList();
        this.consumerManager = new ConsumerManager();
    }

    public OpenID4JavaConsumer(List<OpenIDAttribute> list) throws ConsumerException {
        this(new ConsumerManager(), list);
    }

    public OpenID4JavaConsumer(ConsumerManager consumerManager, List<OpenIDAttribute> list) throws ConsumerException {
        this.logger = LogFactory.getLog(getClass());
        this.attributesToFetch = Collections.emptyList();
        this.consumerManager = consumerManager;
        this.attributesToFetch = Collections.unmodifiableList(list);
    }

    @Override // org.springframework.security.openid.OpenIDConsumer
    public String beginConsumption(HttpServletRequest httpServletRequest, String str, String str2, String str3) throws OpenIDConsumerException {
        try {
            DiscoveryInformation associate = this.consumerManager.associate(this.consumerManager.discover(str));
            httpServletRequest.getSession().setAttribute(DISCOVERY_INFO_KEY, associate);
            try {
                AuthRequest authenticate = this.consumerManager.authenticate(associate, str2, str3);
                if (!this.attributesToFetch.isEmpty()) {
                    FetchRequest createFetchRequest = FetchRequest.createFetchRequest();
                    for (OpenIDAttribute openIDAttribute : this.attributesToFetch) {
                        createFetchRequest.addAttribute(openIDAttribute.getName(), openIDAttribute.getType(), openIDAttribute.isRequired(), openIDAttribute.getCount());
                    }
                    authenticate.addExtension(createFetchRequest);
                }
                return authenticate.getDestinationUrl(true);
            } catch (ConsumerException e) {
                throw new OpenIDConsumerException("Error processing ConsumerManager authentication", e);
            } catch (MessageException e2) {
                throw new OpenIDConsumerException("Error processing ConsumerManager authentication", e2);
            }
        } catch (DiscoveryException e3) {
            throw new OpenIDConsumerException("Error during discovery", e3);
        }
    }

    @Override // org.springframework.security.openid.OpenIDConsumer
    public OpenIDAuthenticationToken endConsumption(HttpServletRequest httpServletRequest) throws OpenIDConsumerException {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        ParameterList parameterList = new ParameterList(httpServletRequest.getParameterMap());
        DiscoveryInformation discoveryInformation = (DiscoveryInformation) httpServletRequest.getSession().getAttribute(DISCOVERY_INFO_KEY);
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        String queryString = httpServletRequest.getQueryString();
        if (queryString != null && queryString.length() > 0) {
            requestURL.append("?").append(httpServletRequest.getQueryString());
        }
        try {
            VerificationResult verify = this.consumerManager.verify(requestURL.toString(), parameterList, discoveryInformation);
            Message authResponse = verify.getAuthResponse();
            ArrayList arrayList = new ArrayList(this.attributesToFetch.size());
            if (authResponse.hasExtension("http://openid.net/srv/ax/1.0")) {
                if (isDebugEnabled) {
                    this.logger.debug("Extracting attributes retrieved by attribute exchange");
                }
                try {
                    FetchResponse extension = authResponse.getExtension("http://openid.net/srv/ax/1.0");
                    if (extension instanceof FetchResponse) {
                        FetchResponse fetchResponse = extension;
                        for (OpenIDAttribute openIDAttribute : this.attributesToFetch) {
                            List attributeValues = fetchResponse.getAttributeValues(openIDAttribute.getName());
                            if (!attributeValues.isEmpty()) {
                                OpenIDAttribute openIDAttribute2 = new OpenIDAttribute(openIDAttribute.getName(), openIDAttribute.getType(), attributeValues);
                                openIDAttribute2.setRequired(openIDAttribute.isRequired());
                                arrayList.add(openIDAttribute2);
                            }
                        }
                    }
                    if (isDebugEnabled) {
                        this.logger.debug("Retrieved attributes" + arrayList);
                    }
                } catch (MessageException e) {
                    arrayList.clear();
                    throw new OpenIDConsumerException("Attribute retrievel failed", e);
                }
            }
            Identifier verifiedId = verify.getVerifiedId();
            return verifiedId == null ? new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE, discoveryInformation.getClaimedIdentifier().getIdentifier(), "Verification status message: [" + verify.getStatusMsg() + "]", arrayList) : new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SUCCESS, verifiedId.getIdentifier(), "some message", arrayList);
        } catch (DiscoveryException e2) {
            throw new OpenIDConsumerException("Error verifying openid response", e2);
        } catch (MessageException e3) {
            throw new OpenIDConsumerException("Error verifying openid response", e3);
        } catch (AssociationException e4) {
            throw new OpenIDConsumerException("Error verifying openid response", e4);
        }
    }
}
